LinkedIn was fined for inadequate handling of user data for behavioral analysis and targeted advertising. The DPC found that LinkedIn did not obtain valid consent from users and failed to provide clear information about how user data was being used.
This fine is one of the largest ever issued under the GDPR and serves as a strong reminder of the importance of data protection compliance.
Key points of the infringement include:
- Invalid Consent: LinkedIn did not obtain valid consent from users for processing their data.
- Lack of Transparency: LinkedIn failed to provide clear information about how user data was being used.
- Fairness and Lawfulness: The. processing of personal data was found to be unfair and unlawful
LinkedIn has stated that it is working to ensure its ad practices comply with the DPC's decision.
LinkedIn attempted to justify its data processing practices using consent, legitimate interests, and contractual necessity, but the DPC found these justifications invalid.
The professionals networking platform did not properly inform users about its data processing activities, violating the GDPR principles of transparency and fairness.
LinkedIn has been given three months to bring its data processing practices into compliance with the GDPR
Last year in May, Meta was fined €1.2 billion (approximately $1.3 billion) by the Irish Data Protection Commission for transferring personal data of European users to the United States without adequate data protection mechanisms.
In July 2021, Amazon was fined €746 million (approximately $888 million) by the Luxembourg National Commission for Data Protection for its advertising targeting system that operated without proper consent.
In 2019, Google was fined €50 million (approximately $57 million) by France's data protection authority for failing to provide clear information about its data processing activities and not seeking proper consent for targeted advertising.
Advertisements